SUMMARY

• 8+ years of experience in Networking, including hands - on experience in providing network support, installation and analysis for a broad range of LAN / WAN/ MAN communication systems.
• Proficient in Cisco IOS for configuration & troubleshooting of routing protocols: MP-BGP, OSPF, EIGRP, RIP, BGP v4, MPLS.
• Hands on experience in configuring Cisco Catalyst 2960, 3750, 4500, 6500 and Nexus 3000, 5000, 6000, 7000 series switches and Cisco 2600, 2800, 3600, 3800, 7200, 7600 series routers, Load Balancers & Cisco Firewalls
• Cisco Prime Infrastructure deployment.
• Build WLAN monitoring site maps in the Cisco Prime Infrastructure system
• Hands on experience in configuring and supporting site-to-site and remote access Cisco, IPSec, VPN solutions using ASA/PIX firewalls, Cisco and VPN client.
• Advanced knowledge in TCP/IP suite and routing protocols, such as OSPF, BGP, EIGRP, multicast, IPSEC VPN design connection & protocols, IPSEC tunnel configuration, encryption and integrity protocols.
• Knowledge of implementing and troubleshooting complex layer 2 technologies such as VLAN Trunks, VTP, Ether channel, STP, RSTP and MST. Implementation of HSRP, VRRP for Default Gateway Redundancy.
• Involved in troubleshooting of DNS, DHCP and other IP conflict problems.
• Practical experience in Active directory, OU, DNS, DHCP, Group policy, Replication, Active directory domain trust relationship.
• Experience in working with Cisco Nexus Switches and Virtual Port Channel configuration.
• Worked on F5 LTM, GTM series like 6400, 6800, 8800 for the corporate applications and their availability.
• Knowledge of Cisco configurations focused on Routing, QOS, MPLS Multicast and Security.
• Configuring, Administering and troubleshooting the Checkpoint, Palo Alto, and ASA firewall.
• Configuration of Network and Security devices such as Cisco routers and switches (Cisco
• 7600/3500/Nexus 7K/5K), Firewall (Checkpoint R75/Gaia and Cisco FWSM), Load Balancers and DNS and IP Manager (Infoblox)
• Services Engine (ISE), ACS (Radius and TACACS+).
• Experience in working with Nexus 7K, 5K, 2K devices.
• Experience in testing Cisco routers and switches in laboratory and deploy them on site production.
• Cisco UCS, switching and routing equipment. F5 3900 and Viprion load balancers
• In-depth knowledge and hands-on experience in Tier II ISP Routing Policies, Network Architecture, IP Sub netting, VLSM, TCP/IP, NAT, DHCP, DNS, FT1 / T1 / FT3 / T3 SONET POS OCX / GigE circuits, Firewalls.
• Experienced in using Cisco Identity Services Engine (ISE).
• Strong knowledge of TACACS+, RADIUS implementation in Access Control Network.
• Experience in Designing and assisting in deploying enterprise wide Network Security and High Availability Solutions for ASA.
• F5 Viprion/LTM load balancers
• Configuration of F5's Big IP for Application Load Balancing.
• Advanced proficiency in designing, deploying, and maintaining perimeter security devices such as IPS, IDS, Radware, etc.
• Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5500/PIX security appliance, Failover DMZ zoning & configuring VLANs/routing/NAT with the firewalls as per the design.
• Knowledge in preparing Technical Documentation and presentations using Microsoft VISIO/Office.
• Worked with F5s Big-IP 6900 Series Platform and the Viprion 2400.
• Excellent customer management/resolution, problem solving, debugging skills and capable of quickly learning, effectively analyses results and implement and delivering solutions as an individual and as part of a team.
• Experience in designing MPLS VPN and QoS for architecture using Cisco multi-layer switches.
• Configuring BGP/OSPF routing policies and designs, worked on implementation strategies for the expansion of the MPLS VPN networks.
• Excellent customer management/resolution, problem solving, debugging skills and capable of quickly learning, effectively analysing results and implement and delivering solutions as an individual and as part of a team.
• Expertise in creating groups and pruning traffic flow using VLAN, VTP, ISL, 802.1Q.
• Working experience with REMEDY, HP OPENVIEW for ticket change management process.
• Excellent in documentation and updating client’s network documentation using VISIO.

TECHNICAL SKILLS

Routers: Cisco 7600, 7200, 3800, 3600, 2900, 2800, 2600, 1800, 1700

Routing: OSPF, EIGRP, BGP, and RIP v1/v2, PBR, Route Filtering, Redistribution, Summarization, and Static Routing.

Switches: Nexus 2K/5K/7K, Cisco Catalyst 2900, 3500, 3700, 6500, 4500, 3850, 3560, 3750, 2960

Switching: LAN, VTP, STP, PVST+, RPVST+, Inter VLAN routing & Multi-Layer Switch, Ether channel, Transparent Bridging.

Network Security: Cisco ASA 5540, ACL, IPSEC, F5 Load Balancer, Checkpoint, Palo Alto

Load Balancer: F5 Networks (Big-IP) LTM 8900 and 6400.

LAN: Ethernet (IEEE 802.3), Fast Ethernet, Gigabit Ethernet

WAN: PPP, HDLC, Channelized links (T1/T3), Fiber Optic Circuits, Frame Relay, VOIP

Gateway Redundancy: HSRP and GLBP

Various Features & Services: IOS and Features, IRDP, NAT, SNMP, SYSLOG, NTP, DHCP, CDP, TFTP, FTP.

AAA Architecture: TACACS+, RADIUS, Cisco ACS.

Network Management: Wireshark, SNMP, Solarwinds

PROFESSIONAL EXPERIENCE

Confidential, San Jose, CA

Network Engineer

Responsibilities:

• Experience with manipulating various BGP attributes such as Local Preference, MED, Extended Communities, Route-Reflector clusters, Route-maps and route policy implementation.
• Experience with design and implementation of Data center migration
• Deploying and decommission of VLANs on core ASR 9K, Nexus 7K, 5K and its downstream devices.
• Performed OSPF, BGP, DHCP Profile, HSRP, IPV6, Bundle Ethernet implementation on ASR 9K redundant pair.
• Configured CIDR IP RIP, PPP, BGP, MPLS and OSPF routing.
• Assisted in MPLS migrations, implemented a backup for the existing WAN connection using site-to-site IP sec VPN tunnels.
• Added centralized management using Cisco Prime Infrastructure.
• Configuring and installing 6500, 4500 in Campus networks.
• Switches Replace branch hardware with new 2851 routers and 2960 switches.
• Conversions to BGP WAN routing. Which will be to convert WAN routing from OSPF to BGP (OSPF is used for local routing only) which involves new wan links.
• Convert Branch WAN links from TDM circuits to MPLS and to convert encryption from IPSec/GRE to GetVPN.
• Working experience with routing and network service protocols (e.g. OSPF, MPLS, Multicast, SNMP, IPv6)
• Analyze and review security threats from Firewall (FW), Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS), Antivirus (AV), Radware, and other security threat data sources. dHs.
• Configure & troubleshoot IPSec VPN issues.
• Dynamic IP Routing protocols (OSPF, EIGRP, BGP, Multicast).
• Lead Engineer for Network refresh project for Multinational insurance company. Providing remote assistance for replacing exiting switches with new Cisco switches.
• Configuring routing protocols OSPF, EIGRP,RIP, MPBGP, LDP and BGPV4
• Configuring HSRP between VLANs, Configuring Ether-Channels, and Port Channel on 6500 catalyst.
• Configured Cisco ISE for Wireless and Wired 802.1x Authentication on Cisco Wireless LAN Controllers, Catalyst Switches, and Cisco ASA Firewalls.
• Deployment and support of F5 LTM/GTM 1600, 3600, 6900 and Viprion Chassis running OS versions 9.x through 11.x.
• Build Logical design and Implementation of Wireless Solution.
• Worked on F5 LTM, GTM series like 6400, 6800, 8800 for the corporate applications and their availability
• Involved in the configuration & troubleshooting of routing protocols: MP-BGP, OSPF, LDP, EIGRP, RIP, BGP v4. Configured IP access filter policies.
• Managed IP address DNS and DHCP for the network using Infoblox.
• Deploying and decommissioning Cisco switches and their respective software upgrades.
• Performing the ACL requests change for various clients by collecting source and destination information from them.
• Maintained complex LAN/WAN networks with several VLANS and provided support for routing protocols and also providing secure sessions over internet using IPSec and SSL encryption.
• Operating F5 Big IP and VIPRION systems.
• Configure, deploy, and manage Radware DefensePro DDoS systems.
• Installed high availability Big IP F5 LTM and GTM load balancers to provide uninterrupted service to customers.
• Supporting EIGRP and BGP based on the network by resolving level 2 & 3 problems of internal teams & external customers of all locations
• Performing troubleshooting on slow network connectivity issues, routing issues that involves OSPF, BGP and identifying the root cause of the issues.
• Design and Implement DMZ for FTP, Web and Mail Servers with CISCO PIX 506, PIX515
• Building the VPN tunnel and VPN encryption.
• Involved in Configuration of Access lists (ACL) on ASA firewall for the proper network routing for the B2B network connectivity.
• To secure configurations of load balancing in F5, SSL/VPN connections, Troubleshooting CISCO ASA firewalls, and related network security measures.
• Worked with F5 Load balancing, IDS/IPS, Bluecoat proxy servers and Administrating.
• Provided proactive threat defence with ASA that stops attacks before they spread through the network.
• Troubleshoot the Network Issues onsite and remotely depending on the severity of the issues.
• Performed Break Fix support through driving to different buildings, identifying the root cause of the hardware issues with switches, routers.
• Created new DHCP scopes and reserved DNS entries for IPs using Infoblox
• Design, implementation and operational support of routing/switching protocols in complex environments including BGP, OSPF, EIGRP, Spanning Tree, 802.1q, etc.
• Worked with creating VIP (virtual servers), pools, nodes and applying iRules for the virtual servers like cookie persistency, redirection of the URL.
• Created Visio Dean / Visio Documentation to give complete picture of network design for each building.
• Experience in Configuring, upgrading and verifying the NX-OS operation system.
• Proficient in Palo Alto Next-Generation Bluecoat web proxy, HP ArcSight, Splunk Enterprise, Wireshark, FireEye, and various internet tools to assist in analysis.

Confidential, Framingham, MA

Network Engineer

Responsibilities:

• Configured RIP, PPP, BGP and OSPF routing.
• Identify, design and implement flexible, responsive, and secure technology services
• Created standard access lists to allow SNMP, NTP and logging servers.
• Documented new VPN enrolments in a database and create standard procedures for further improvement.
• Troubleshoot traffic passing managed firewalls via logs and packet captures
• Managed fast Layer 3 switched/routed LAN/WAN infrastructure as a part of Network team. The LAN consisted of Cisco campus model of Cisco 3550 at access layer, Cisco 6513 at distribution/core layer.
• ConfigureVRRP & GLBP andVLANTrunking802.1Q & ISL, STP, Port Security on Catalyst 6500 switches.
• Experience working with Cisco IOS, IOS-XR, NXOS for configuration & troubleshooting of routing protocols: MP-BGP, OSPF, LDP, EIGRP, RIP, BGP v4, MPLS.
• Negotiate VPN tunnels using IPSec encryption standards and also configured and implemented site-to-site VPN, Remote VPN.
• Worked on Palo Alto firewalls, TCP/IP, UDP Multicast, OSPF, and various network mediums.
• Deployment, configuration, and management of 802.1x solutions to include Cisco Identity Services Engine (ISE), ACS, and Cisco Prime.
• Work with Active Directory, DNS, and DHCP for internal zones of the network.
• Cisco ASA/Checkpoint Firewall troubleshooting and policy change requests for new IP segments that either come on line or that may have been altered during various planned network changes on the network.
• Experience deploying BIG-IP F5LTM Load Balancers for load balancing and traffic management of business application.
• Configuring F5 LTM 8950, 6900, VIPRION 2400 models.
• Modified internal infrastructure by adding switches to support server farms and added servers to existing DMZ environments to support new and existing application platforms.
• Responsible for Checkpoint and Cisco ASA firewall administration across global networks.
• Generating RCA (Root Cause Analysis) for critical issues of layer1/layer2/layer3 problems.
• Co-ordinated with the Data Network and Security team and came up with possible solutions.
• Work on Physical site Inventory verification, gather information of various Cisco Network devices and Security Devices to develop Run book and Spec Book.
• Configuration of F5's Big IP for Application Load Balancing.
• Configuration and Integration of Cisco Identity Services Engine (ISE) 1.2.
• Cisco ASA/Checkpoint Firewall troubleshooting and policy change requests for new IP segments that either come on line or that may have been altered during various planned network changes on the network.
• BIG-IP products and VIPRION Chassis. Network planning of the racks and the devices along with assigning
• Configuration and troubleshooting of Cisco catalyst 6509, 7613 with supervisor cards.
• Controlling the URL access by using the Bluecoat proxy servers and also McAfee web gateway.
• Experience with implementing and maintaining network monitoring systems (Cisco works and HP Open view) and experience with developing complex network design documentation and presentations using VISIO
• Estimated Project costs and created documentation for project funding approvals.
• Monitoring and troubleshooting network issues between client site and 85 remote sites with legacy switches and routers
• Performed and presented network analysis as a part of network migration. Involved in knowledge transfer to vendors and provided them network support as required
• Worked as a single point of contact for the whole migration
• Configuration and maintenance of EIGRP and BGP network on router 7200 and 6500 MLS.
• Configuration and maintenance of 3750 stack and 6500 VSS for improved efficiency of the data plane.
• Configuration and management of NEXUS network in the existing network infrastructure.
• Created LAB setup with 7k and 5K NEXUS switches for application testing.

Confidential, San Antonio, TX

Network Engineer

Responsibilities:

• Responsible for service request tickets generated by the helpdesk in all phases such as troubleshooting, maintenance, upgrades, patches and fixes with all around technical support
• Supporting EIGRP and BGP based PwC network by resolving level 2 &3 problems of internal teams & external customers of all locations.
• Upgrade Cisco Routers, Switches and Firewall (PIX) IOS using TFTP
• Performed basic security and ACL administration on Juniper SRX firewalls. That includes day to day rule deployment, troubleshooting using data flow analysis and packet capture.
• Updated the HP open view map to reflect and changes made to any existing node/object.
• Handled SRST and implemented and configured the Gateways, Voice Gateways.
• Configuring HSRP between the 3845 router pairs for Gateway redundancy for the client desktops.
• Configuring STP for switching loop prevention and VLANs for data and voice along with Configuring port security for users connecting to the switches.
• Used FireEye to detect attacks through common attack vectors such as emails and webs
• Ensure Network, system and data availability and integrity through preventive maintenance and upgrade.
• Involved in L2/L3 Switching Technology Administration including creating and managing VLANs, Port security, Trunking, STP, Inter-VLan routing, LAN security.
• Worked on the security levels with RADIUS, TACACS+.
• Completed service requests (i.e. - IP readdressing, bandwidth upgrades, IOS/platform upgrades, etc.)
• Improved network and system security through setup and ongoing maintenance of Riverbed IPS, FireEye on edge.
• Identify, design and implement flexible, responsive, and secure technology services
• Modified internal infrastructure by adding switches to support server farms and added servers to existing DMZ environments to support new and existing application platforms.
• Configured switches with port security and 802.1x for enhancing customers security.
• Monitored network for optimum traffic distribution and load balancing using Solar winds.
• Validate existing infrastructure and recommend new network designs.
• Handled Tech Support as it relates to LAN & WAN systems.

Confidential

Network Engineer

Responsibilities:

• Provides day to day support for firewall engineering and operations tasks and level 1 & 2 on-call technical support for the Firewall Engineering and Operations team; including assisting peers with issues and escalation
• Installation Configuration and Troubleshooting of Cisco ASA and Checkpoint Firewalls in the network.
• Firewall Policy Implementation on Checkpoint R62 and R65 using Provider 1.
• Migrated Nokia IP 300 to Checkpoint NGX R65 SPLAT
• Site to site VPN implementation on Checkpoint Firewall R62 with 3DES encryption over IPsec.
• Installing, Monitoring and Maintaining Local Area Network.
• Implemented Windows NT domain, domain name services E-mail, Web, and FTP services.
• Installed and configured network printer installation (HP) 3500 series.
• Installing and configuring the peripherals, components and drivers.
• Resolving tickets on network and service provisioning.
• Configuring RIP, OSPF and Static routing on JuniperRouters.
• Hands on experience with Juniper EX-Series Ethernet Switches.
• Network cabling, dressing, labelling and troubleshooting network drops onsite.
• Working on Network support and implementation related internal projects.
• Provided technical support on hardware and software related issues to remote production sites.
• Configured EIGRP for Lab Environment.
• Created VLAN and Inter-VLAN routing with Multilayer Switching.
• Configuring and troubleshooting desktops, laptops and servers.
• Installation and Configuration of Cisco Catalyst switches 6500, 3750 & 3550 series and configured routing protocol OSPF, EIGRP, BGP with Access Control lists as per Network design and IT Policies.
• Experience with setting up MPLS Layer 3 VPN cloud in data center and also working with BGP WAN towards customer.